From 8cf7e262a2282bbdf6fe9ccd7c76aedf85342816 Mon Sep 17 00:00:00 2001 From: Mcat12 Date: Sat, 10 Dec 2016 11:47:47 -0500 Subject: [PATCH] Remove CORS skip log message It can fill up the error log really quickly, since this function is now used on all pages. Most of these pages are not able to be protected by CORS but can still be protected by the Host check. --- php/auth.php | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/php/auth.php b/php/auth.php index fcad7dfd..d39f168e 100644 --- a/php/auth.php +++ b/php/auth.php @@ -39,9 +39,7 @@ function check_cors() { } header("Access-Control-Allow-Origin: ${_SERVER['HTTP_ORIGIN']}"); } - else { - pi_log("CORS skipped, unknown HTTP_ORIGIN"); - } + // If there's no HTTP_ORIGIN, CORS should not be used } function check_csrf($token) {